You probably don't need to break the encryption because eventually all traffic has to exit the VPN's company's endpoint, and at that point it can be captured. Meta data such as the browser's fingerprint can be used to tie traffic to an individual, for example, if you see them log in to a regular HTTP site with an email or a username, this information could probably be used to figure out who they are. Armed with this information, all other traffic originating from that endpoint (or elsewhere) with the same browser fingerprint.[-1] can be monitored. Weak keys can also cause the encrypted tunnel to be compromised. Also, PPTP is considered a very insecure tunneling protocol[0] but still used.
You could also break into the VPN company's servers and do interesting things too. There's also the possibility of timing attacks to determine the real IP address of the VPN user, although that's fairly a sophisticated method and quite difficult to do.
Bear in mind that this presentation dates back to 2008, which is a long time in tech years. Who knows what they're capable of now. All that's known is that they're not capable of less.
VPNs are useful for three things: protecting yourself against relatively unsophisticated bad guys sniffing traffic on a local network (for example, an unsecured wireless network), bypassing geographic content restrictions (e.g. using Pandora in Sweden), and circumventing ISP traffic shaping (often they'll not shape VPN traffic because it's used for businesses, and businesses can be whale customers).
> all traffic has to exit the VPN's company's endpoint, and at that point it can be captured.
If the only thing they're dealing with is VPN's used as a private proxy for access to the public internet, you're right, and if so it's not so troubling (well, as in it is "only" just as troubling as having them access everyones web traffic).
But arguably most VPN traffic is exiting inside private networks and are intended for machines within those private networks. If they are capable of breaking or circumventing the crypto of those, then that's troubling at a whole different level because it potentially means massive unknown weaknesses in either specific crypto products, or in algorithms that have been assumed to still be reasonably safe.
Many corporate VPNs are secured via RSA SecurID and their keyfobs. Several years ago the SecurID source was compromised by hackers[1] and it was suspected the master seed/key was lost. Imagine if the NSA had access to that key -- it'd certainly be a juicy target for them.
The most reasonable assumption to make right now is to assume that the NSA does have the key. They may not, but but then again the recent revelations have been so absurdly horrifying that I wouldn't put it past them.
The slide talks about VPN startups. Some corporate VPN connections could be also compromised for a number of reasons. There are possibly undisclosed weaknesses in the "gold standard" VPN solutions, such as OpenVPN, as well as the protocols they use.
Security's dirty secret is that security is an unobtainable goal. The goal of designing secure systems isn't to create something impenetrable (i.e. secure), but something that's almost impossible to penetrate. 100% secure systems are about as common as rooster eggs.
I took that to mean establishment of VPN connections, rather than companies operating VPN services.
Of course total security is impossible. But it would still be troubling if breaking common VPN services is not only possible but also doable with small enough resources that "any analyst" at NSA can just request it.
You could also break into the VPN company's servers and do interesting things too. There's also the possibility of timing attacks to determine the real IP address of the VPN user, although that's fairly a sophisticated method and quite difficult to do.
Bear in mind that this presentation dates back to 2008, which is a long time in tech years. Who knows what they're capable of now. All that's known is that they're not capable of less.
VPNs are useful for three things: protecting yourself against relatively unsophisticated bad guys sniffing traffic on a local network (for example, an unsecured wireless network), bypassing geographic content restrictions (e.g. using Pandora in Sweden), and circumventing ISP traffic shaping (often they'll not shape VPN traffic because it's used for businesses, and businesses can be whale customers).
[-1] http://en.wikipedia.org/wiki/Device_fingerprint
[0] http://blog.calyptix.com/2012/08/pptp-is-so-insecure-it-shou...